Andrea Mambretti

PhD Student

Education

  • BS in Computer Science Engineering, Politecnico di Milano - Italy
  • MS in Computer Science Engineering, Politecnico di Milano - Italy
  • MS in CyberSecurity - Northeastern University

About Me

  • Hometown: Costa Masnaga, (LC), Italy
  • Field of Study: Cybersecurity
  • PhD Advisors: Engin Kirda

Biography

I am a systems security researcher at IBM Research Europe, in the Zurich Laboratory. Also, I am
completing my doctoral studies at Northeastern University where I am working at SecLab, and am being adviced by Engin Kirda.

Previously, I worked and studied at Politecnico di Milano where I got my Bachelor and Master degrees in Computer Engineering. During this period, I spent most of my time in the NECST research laboratory with professors Stefano Zanero, Federico Maggi and Marco Domenico Santambrogio.

My main interest is in system security with special focus on operating systems, program analysis and compilers. Recently, I also started to look at speculative execution attacks and mitigations. In the past years, I took part in many CTF competitions (such as ruCTF, ICTF and DEFCON) as member of both “Tower of hanoi” and “Shellphish” hacking teams.

What are the specifics of your graduate education (thus far)?

I am a PhD student in the Cybersecurity program.

What are your research interests?

My research interests are in system security with special focus on operating systems and compilers.

What aspect of what you do is most interesting?

The most interesting aspect of my research is building new system components that allow a more secure user experience.

What are your research or career goals, going forward?

I'm interested in both academic and industry careers as long as I would be able to keep the research aspect in my daily activities.

Where did you grow up or spend your most defining years?

I grew up in a quiet, small town called Costa Masnaga close to the alps in the north of Italy. I studied in Milano for my bachelor’s and master’s degrees and in 2014 I visited the Seclab (Systems Security Laboratory) at Northeastern for 6 months to work on my master’s thesis. Afterwards, I decided to apply for the PhD in the same field.

Where did you study for your undergraduate degree?

I chose to study at Politecnico di Milano because it was one of the best technical universities in Italy and I was able to easily commute there from my home.

Recent Publications

  • Trellis: Privilege Separation for Multi-User Applications Made Easy

    Citation: Mambretti A. et al. (2016) Trellis: Privilege Separation for Multi-user Applications Made Easy. In: Monrose F., Dacier M., Blanc G., Garcia-Alfaro J. (eds) Research in Attacks, Intrusions, and Defenses. RAID 2016. Lecture Notes in Computer Science, vol 9854. Springer, Cham
  • LAVA: Large-scale Automated Vulnerability Addition

    Citation: B.Dolan-Gavitt, P. Hulin, E. Kirda, T. Leek, A. Mambretti, W. Robertson, F. Ulrich and R. Whelan. In Proceedings of the IEEE Symposium on Security and Privacy (Oakland), San Jose, CA, USA, May 2016.
  • Two methods for exploiting speculative control flow hijacks

    Citation: "Two methods for exploiting speculative control flow hijacks", 13th {USENIX} Workshop on Offensive Technologies {WOOT} 19, 2019, Santa Clara, CA, url = https://www.usenix.org/conference/woot19/presentation/mambretti, publisher, USENIX} Association

Projects

Related News